GDPR Compliance | Fedzu Tonal

Our Commitment to GDPR

Fedzu Tonal is committed to ensuring that your privacy is protected in accordance with the General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018. This page outlines our compliance measures and your rights as a data subject.

Data Controller

Fedzu Tonal acts as the data controller for personal information collected through our website and services. As data controller, we determine the purposes and means of processing personal data.

Our contact details are:
Fedzu Tonal
47 Chancery Lane
London WC2A 1PL
United Kingdom
Email: [email protected]

Lawful Basis for Processing

We process personal data under the following lawful bases:

Consent: Where you have given clear consent for us to process your personal data for a specific purpose, such as receiving marketing communications.
Contract: Where processing is necessary for the performance of a contract with you, such as providing research services you have commissioned.
Legitimate Interests: Where processing is necessary for our legitimate interests or the legitimate interests of a third party, provided your interests and fundamental rights do not override those interests.
Legal Obligation: Where processing is necessary to comply with a legal obligation.

Your Rights Under GDPR

Under GDPR, you have the following rights:

Right to Access

You have the right to request a copy of the personal data we hold about you. We will provide this information free of charge within one month of receiving your request.

Right to Rectification

You have the right to request that we correct any personal data that is inaccurate or incomplete. We will respond to your request within one month.

Right to Erasure

You have the right to request that we delete your personal data in certain circumstances, including when the data is no longer necessary for the purpose it was collected, or when you withdraw consent.

Right to Restrict Processing

You have the right to request that we restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.

Right to Object

You have the right to object to processing of your personal data where we rely on legitimate interests as the lawful basis for processing.

Rights Related to Automated Decision-Making

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

Data Security

We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including:

Encryption of personal data where appropriate
Regular testing and evaluation of security measures
Staff training on data protection
Access controls limiting who can access personal data
Secure data storage and transmission protocols

Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the Information Commissioner's Office within 72 hours of becoming aware of the breach. Where the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly.

International Transfers

We do not routinely transfer personal data outside the UK or European Economic Area. Where such transfers are necessary, we ensure appropriate safeguards are in place in accordance with GDPR requirements.

Exercising Your Rights

To exercise any of your rights under GDPR, please contact us at [email protected]. We will respond to your request within one month. If your request is complex or we receive a number of requests, we may extend this period by a further two months, in which case we will inform you.

Complaints

If you are not satisfied with our response to your request or believe we are processing your personal data unlawfully, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire SK9 5AF
Website: ico.org.uk